29 results (0.027 seconds)

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

SPIP before 4.1.14 and 4.2.x before 4.2.8 allows XSS via the name of an uploaded file. This is related to javascript/bigup.js and javascript/bigup.utils.js. SPIP anterior a 4.1.14 y 4.2.x anterior a 4.2.8 permite XSS mediante el nombre de un archivo cargado. Esto está relacionado con javascript/bigup.js y javascript/bigup.utils.js. • https://blog.spip.net/Mise-a-jour-de-maintenance-et-securite-sortie-de-SPIP-4-2-8-SPIP-4-1-14.html?lang=fr https://git.spip.net/spip/bigup/commit/0757f015717cb72b84dba0e9a375ec71caddf1c2 https://git.spip.net/spip/bigup/commit/ada821c076d67d1147a195178223d0b4a6d8cecc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics. ecrire/public/assembler.php en SPIP anteriores a 4.1.3 y 4.2.x anteriores a 4.2.7 permite XSS porque la entrada from_request() no está restringida a caracteres seguros como los alfanuméricos. • https://blog.spip.net/Mise-a-jour-de-maintenance-et-securite-sortie-de-SPIP-4-2-7-SPIP-4-1-13.html?lang=fr https://git.spip.net/spip/spip/commit/e90f5344b8c82711053053e778d38a35e42b7bcb https://lists.debian.org/debian-lts-announce/2024/03/msg00014.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 97%CPEs: 7EXPL: 9

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. SPIP versions 4.2.1 and below suffer from an unauthenticated remote code execution vulnerability. • https://www.exploit-db.com/exploits/51536 https://github.com/nuts7/CVE-2023-27372 https://github.com/ThatNotEasy/CVE-2023-27372 https://github.com/0SPwn/CVE-2023-27372-PoC https://github.com/izzz0/CVE-2023-27372-POC https://github.com/Chocapikk/CVE-2023-27372 https://github.com/1amthebest1/CVE-2023-27372 https://github.com/Jhonsonwannaa/CVE-2023-27372 https://github.com/redboltsec/CVE-2023-27372-PoC http://packetstormsecurity.com/files/171921/SPIP-Remote-Command-Execution.ht •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request. • https://blog.spip.net/Mise-a-jour-de-securite-sortie-de-SPIP-4-1-7-SPIP-4-0-9-et-SPIP-3-2-17.html https://github.com/Abyss-W4tcher/ab4yss-wr4iteups/blob/ffa980faa9e3598d49d6fb7def4f7a67cfb5f427/SPIP%20-%20Pentest/SPIP%204.1.5/SPIP_4.1.5_AND_BEFORE_AUTH_SQLi_Abyss_Watcher.md https://www.debian.org/security/2023/dsa-5325 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the lier_trad and where parameters. Se ha detectado que Spip Web Framework versiones v3.1.13 y anteriores, contiene múltiples vulnerabilidades de inyección SQL en /ecrire por medio de los parámetros lier_trad y where • https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-SPIP-3-2-8-et-SPIP-3-1-13.html https://github.com/spip/SPIP/commit/0394b44774555ae8331b6e65e35065dfa0bb41e4 https://github.com/spip/SPIP/commit/6c1650713fc948318852ace759aab8f1a84791cf https://thinkloveshare.com/en/hacking/rce_on_spip_and_root_me https://www.root-me.org/fr/Informations/Faiblesses-decouvertes • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •